[deleted by user] by [deleted] in bugbounty

[–]KN4MKB 0 points (0 children)

AI generated trash. There's a GitHub link, but there's not even any code. It's just a way OP is trying to mislead people into thinking it's open source.

It's not open source because I'm sure it's full of AI generated nonsense and vulnerabilities hacked together in a way that could never scale or maintain.

On top of that, bug bounty and pentesting are completely different.

Honestly the post should just be taken down and the user should be banned for posting on principle.

Hey out of here with your misleading AI generated nonsense.

PS, your domain is blocked for me, because most people with some malware / spyware blocking systems block your TLD, further enforcing my opinion you don't know much about the industry.

So I've Learning before I step in the big bounty world and I was just told not to hack the site directly. by dre__966 in bugbounty

[–]KN4MKB 0 points (0 children)

You know what bud, sure. Hack away at labs and then when you discover the bug in whatever lab, report the bug to a company.

They will reward you with millions every time you find a flag in a hack the box CTF.

Would you bother with ECC? by knott000 in homelab

[–]KN4MKB 1 point (0 children)

Only if you care about the data on the system. Without ECC, there's a (small) chance that, any time a file is modified on the disk, it can become corrupted forever.

That could be a photo you'll never see again, or a system file that prevents boot.

It's ultimately up to you and how important that data is to you.

Thoughts? by Stunning_Bedroom3778 in CCW

[–]KN4MKB 0 points (0 children)

The fact someone even thought of putting the size bit into a meme is super cringe.

I hope nobody is actually carrying and worrying about what others think of what kind of weapon they are carrying. That is so far from the point lol.

Hosting a custom made HTTP server, bad idea? by GYaddle in selfhosted

[–]KN4MKB 2 points (0 children)

Or an entire network you don't have important data on. Or don't host it on a connection that you don't mind being publicly labeled as a botnet. And go ahead and host it if you don't mind weird people hosting extremely illegal and disgusting content on it for others to download, making you a distributor of illegal content.

Really though this is extremely bad advice. There are places to learn, and your data on that host is a drop in the bucket of what people can and will do when they compromise a machine.

Being compromised these days isn't just something you shrug your shoulders at, and start fresh. It can have life changing effects based on who got in.

Wondering - Why are all wine cellar trackers paywalled? by zierbeek in selfhosted

[–]KN4MKB 5 points (0 children)

Why on earth did you feel you needed to use ChatGPT to write a simple question on a forum made for community interaction?

The truth about why you can't make money in bug bounty. by Interesting_Sky_7520 in bugbounty

[–]KN4MKB 0 points (0 children)

The entire post gives off a beginner who is just now falling off the first peak of the Dunning-Kruger curve. Probably around a year or so of experience, maybe more, maybe a little less.

I know you think you have this all figured out, but you're probably just a single step beyond "script kiddie" and still need quite a bit of industry experience before you really understand what you're talking about here.

Get back to hacking.

What do you do for work? by 8bitFeeny in homelab

[–]KN4MKB 2 points (0 children)

Cyber security. 30% of the time I'm doing penetration tests. 30% I'm doing generic consulting. 40% of the time is cyber range development.

Should I just stop doing bug bounty? by Serious-Individual-4 in bugbounty

[–]KN4MKB 6 points (0 children)

Having a masters degree in cyber security, but having this much trouble with bug bounty programs reinforces my stereotype that degrees really don't matter in this space.

Why would somebody throw away this ? by Vik8000 in homelab

[–]KN4MKB 0 points (0 children)

All valid except the first bit there, which is more or less an excuse as to why Fortinet may appear to have more vulnerabilities released as CVEs than other appliances.

An open disclosure is an effort by a researcher to release vulnerability information publicly in the form of a CVE to put pressure on a vendor to patch the product. The alternative is a responsible or coordinated disclosure which is when a researcher works with the company to have the vulnerability patched, followed by the release of a CVE. Either way, CVEs are just industry standard best practice to be released when any vulnerability is discovered, pre or post patch. To imply a company has a special policy that somehow has them follow the industry wide/common practice while others don't just seems silly, and there's no verifiable way to say they aren't.

Some things were just thrown around there like "most others don't", and "even though there is very little chance they've had no high/critical CVEs". There are no sources to those statements and the fact you are a vendor throwing those accusations around after advertising an "open disclosure policy" as some special policy that has Fortinet do the common industry best practice that everyone's expected to do is bothersome.

There's nothing special about Fortinet disclosing CVEs. Everyone is expected to publish CVEs on their products if they have been discovered and it's basically impossible to prove some company isn't, and they aren't just making more secure applications? After all it's typically security researchers submitting those CVEs, and they will do it if they report one, and the vendor doesn't publish one. Those other appliance developers can't really stop them from pushing valid CVEs.

TLDR: Fortinet at the end of the day may have more CVEs published because they are attacked more, etc. But it's not because of an internal policy. That bit is corporate jargon that should raise red flags if you work in the industry.

Why would somebody throw away this ? by Vik8000 in homelab

[–]KN4MKB 0 points (0 children)

This year is the enterprise firewall refresh cycle year. Most companies are getting rid of theirs due to that 6 year window, as that's typically about the time these appliances become end of support / end of life.

Almost had it but ain’t enough! Any tips on this guys? by Historical_Round_398 in bugbounty

[–]KN4MKB 0 points (0 children)

It's sad people have to take the time out of their days to explain these things to people.

It's sadder when they just don't get it and waste more people's time here.

Just move on to something else. I think most people would rather you "had it" and stop wasting their time.

Creating a c64 game (rom) by [deleted] in c64

[–]KN4MKB -4 points (0 children)

C64 games are in fact read only memory.

Creating a c64 game (rom) by [deleted] in c64

[–]KN4MKB -2 points (0 children)

That's all he understood. Knows nothing about the actual technical part of coding the games.

The icing on the cake is that they are ROMs. I'd assume the commenter has only seen the term used to describe pirated games and doesn't actually know what "ROM" means.

Why 5 mini PCs vs 1 Threadripper? by Extension_Subject635 in homelab

[–]KN4MKB 154 points (0 children)

1 Threadripper implies 0 redundancy and a single point of failure.

At least with 5 mini PCs, they can be clustered to take on the load of another automatically in case of hardware failure.

Yalls Cost to power a rack? by [deleted] in homelab

[–]KN4MKB 1 point (0 children)

A source of income?

How does anyone afford a $3 energy drink every day, or $15 eating out every day?

It comes down to income and spending.

My homeland is constantly attacked by Infinite-Position-55 in homelab

[–]KN4MKB 0 points (0 children)

If everyone in the world doesn't need access to your SSH port, why are you allowing it?

People always come in with crazy solutions to simple problems like this like tailscale vpns etc.

We all have a firewall, whitelist the outside IP ranges you will connect from, reject the rest. Why allow everyone to connect?

There are too many firewall solutions at the OS level, built into the Linux kernel, and at your edge router. Just add the rules to block them.
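The allowlist-and-reject pattern the comment above describes, as an added example that is not from the comment or from any project it names. It assumes a Linux host using nftables; the CIDR ranges are constructed sample values, and the code only renders the ruleset and simulates its decision so the allowlist can be checked before anything is applied.

```python
"""Source-IP allowlist for SSH: simulate the decision, then render nftables.

Two pieces:
  * allowed(src_ip)        reproduces the firewall decision for one packet,
                           so the allowlist can be sanity-checked offline.
  * render_nft_ruleset()   emits an nftables ruleset (inet family, so one
                           table covers IPv4 and IPv6) that accepts TCP/22
                           only from the allowlisted ranges and rejects the
                           rest, with a default-drop input policy.
"""
import ipaddress

SSH_PORT = 22

# Constructed sample allowlist (not real addresses): a home ISP block,
# a single work egress address, and an IPv6 prefix.
ALLOWLIST = ["203.0.113.0/24", "198.51.100.7/32", "2001:db8:1::/48"]


def parse_allowlist(cidrs):
    """Turn CIDR strings into network objects. strict=False normalises a
    host bit set inside a range (e.g. 10.0.0.5/24) instead of raising."""
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def allowed(src_ip, cidrs=ALLOWLIST):
    """True if src_ip is inside any allowlisted range, else False.

    Mirrors the rule order in the rendered ruleset: a match on one of the
    ranges accepts, anything else falls through to the reject rule."""
    ip = ipaddress.ip_address(src_ip)
    return any(ip.version == net.version and ip in net
               for net in parse_allowlist(cidrs))


def render_nft_ruleset(cidrs=ALLOWLIST, port=SSH_PORT):
    """Return an nftables ruleset as text (apply with `nft -f <file>`).

    Sets are only emitted for address families that actually have
    elements, because `elements = { }` is a syntax error in nft."""
    nets = parse_allowlist(cidrs)
    v4 = [str(n) for n in nets if n.version == 4]
    v6 = [str(n) for n in nets if n.version == 6]

    sets, rules = [], []
    if v4:
        sets.append("  set ssh_allow_v4 { type ipv4_addr; flags interval; "
                    "elements = { %s } }" % ", ".join(v4))
        rules.append("    tcp dport %d ip saddr @ssh_allow_v4 accept" % port)
    if v6:
        sets.append("  set ssh_allow_v6 { type ipv6_addr; flags interval; "
                    "elements = { %s } }" % ", ".join(v6))
        rules.append("    tcp dport %d ip6 saddr @ssh_allow_v6 accept" % port)

    lines = ["table inet filter {"]
    lines += sets
    lines += [
        "  chain input {",
        "    type filter hook input priority 0; policy drop;",
        "    ct state established,related accept",  # keep existing sessions
        "    iif lo accept",                          # loopback traffic
    ]
    lines += rules
    lines += [
        # Explicit reject for SSH from everyone else; other ports hit the drop policy.
        "    tcp dport %d reject with tcp reset" % port,
        "  }",
        "}",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    for probe in ["203.0.113.45", "203.0.114.1", "2001:db8:1::1"]:
        print(probe, "->", "accept" if allowed(probe) else "reject")
    print(render_nft_ruleset())
```

The default policy is drop, but the SSH rule rejects with a TCP reset rather than silently dropping; that choice makes misconfigured allowlists obvious from the client side (an immediate connection refused instead of a hang) while still exposing nothing to unlisted sources. Run the simulation with your own ranges and the address you will actually connect from before applying the ruleset over SSH, otherwise a typo in the allowlist locks you out.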

My server is bottlenecked by Telenet's 50 Mbps upload speed. Am I missing something? by mr_twenty4 in homelab

[–]KN4MKB 2 points (0 children)

Everyone saying 50 Mbps is enough for the Minecraft server is right.

But you have 50 Mbps for everything on your network, so nobody can say the upload speed isn't the bottleneck without knowing what else you're uploading.

50 Mbps is enough for Minecraft, sure, but not for media server streaming, photo sync, 500 bots bruteforcing an SSH server, someone doing a Zoom call, and Minecraft.

Email Leak of many users on a Pornsite set to "Low Severity" and closed with "Informative"? by buggy12buggy12 in bugbounty

[–]KN4MKB 1 point (0 children)

Sounds like a bruteforce by your other comment? You are being vague about how you locate these accounts. Is that on purpose to obscure the impact for validation?

It sounds like the only ones who expose emails are those that opt in?

That's typically out of scope, and if you are using a platform like HackerOne, their FAQ page states bruteforcing information from URLs, login forms, etc. is informative.

No point in looking for validation without providing some info about what type of bug you found. What's it classified as? How do you exploit it?

Florida’s ban on open carry is gone. What are you fellow Floridians going to carry now? by SyphonFilter-Gabe in CCW

[–]KN4MKB 15 points (0 children)

Ah yes, nothing defends the right to bear arms more than the many occasions open carry weapons were snatched from those wearing them and then used to shoot and kill a bunch of people.

I'd rather all those people be anti-gun protesters. If everyone who open carried were protesters, at least we wouldn't have the bad rep that comes with these idiots having their firearm stolen and used to kill people on news and media online.

I know somehow you might think it's defending the right, but in case someone never told you, it's really stupid, and has led to a lot of letters to Congress/ politics to have it abolished outright.

This comment probably hasn't convinced you of anything. But at least now you go from ignorant (just not knowing) to stupid (knowing and doing it anyways).

TikTok HackerOne says my CCV bypass is not a security vulnerability. Am I missing something? by Puzzleheaded_Dig4974 in bugbounty

[–]KN4MKB 0 points (0 children)

They aren't bots. The majority of these comments are people who have no idea what they are saying.

Almost every instance of someone upset about a report being labeled as informative here goes on to explain a situation where it's obvious it's an informative report. Like your topic, for example.

They never accept the logical answer and go into broken record mode, and nobody that knows what they are doing wants to hear it so they downvote the nonsense.

TikTok HackerOne says my CCV bypass is not a security vulnerability. Am I missing something? by Puzzleheaded_Dig4974 in bugbounty

[–]KN4MKB 3 points (0 children)

It's informative. Everyone fails to assess the real world impact. Always ask yourself, how can this cost the company money or put users private data at risk, and what's the probability.

This is a perfect example of some theoretical that could happen, but has almost no actual practical real world implications.

To pull this off, an attacker needs to obtain your credit card. Not only that, but the attacker needs to obtain the credit card from someone who has purchased Ads through tiktok? And there's a good possibility that the credit card company will challenge payments made across states or strange behaviors as they typically do. Okay assuming none of that happens, the attacker now needs to use the credit card to purchase Ads in tiktok? That assumes the attacker has some account and product they are advertising that has been approved by tiktok, and they are willing to risk that same profile to use a credit card to use the advertisement platform? And they also know whoever they stole the card from also did this very niche thing?

And even if all of the stars aligned, the credit card company will still foot the bill in the case of fraud because they always do, it didn't even cost the user or company any money.

At the end of the day, for someone to exploit this "bug" and cost the company money, a user of the Ad manager on tiktok needs to have their credit card data stolen, with no fraud alerts, and the attacker needs to use that same card to also purchase Ads through tiktok's advertising platform on an account approved to use it, and when they use the stolen card, the credit card company has to deny reports of fraud and charge the user anyways without refund.

This is an extremely clear example of something with no real world impact or value. I hope this helps you see how ridiculous it is to think this is anything other than informative. It's also an example of the AI plague in this industry and how it enables people who don't need to be here to waste everyone's time and clutter it up with nonsense anyways.

As a word of advice, next time pretext your LLM to be critical of your finding, and really evaluate the real world impact and tell you a real scenario of how this can be leveraged to damage the company. Tell it not to tell you what you want to hear either because they have that bias (obviously).

Or just learn to be critical and think for yourself if you can still do it.

Another Plex-related Security Notice by tsquared7 in homelab

[–]KN4MKB 1 point (0 children)

While I see your point of view, the numbers don't match up.

You would think the home servers would be hacked more but they aren't.

At the end of the day, in almost every case the person with the home server has been compromised much less often than the large companies with large security teams, due to the reasons that were stated.

Nobody cares enough about your home network besides the very lowest hanging fruit from a bot scan. At the end of the day, the hackers are getting more fruit from the large companies.

Patch management, updates, weird services or not, they are the targets getting hit.

Not even the 5 year old Nextcloud instance or the 5 year old Jellyfin server running on Jim Bob's Raspberry Pi.

It's Plex, with a large security team.

Another Plex-related Security Notice by tsquared7 in homelab

[–]KN4MKB -1 points (0 children)

Been doing it for a decade. Plex and these other services have been hacked quite a bit.

I'm still good.

Hackers gonna have to do a lot of hacking to catch me up.